Question No: 81 – (Topic 3)

A network technician is assisting the company with developing a new business continuity plan. Which of the following would be an appropriate suggestion to add to the plan?

A. Build redundant links between core devices

B. Physically secure all network equipment

C. Maintain up-to-date configuration backups

D. Perform reoccurring vulnerability scans

Answer: A

Explanation:

The business continuity plan focuses on the tasks carried out by an organization to ensure that critical business functions continue to operate during and after a disaster.

By keeping redundant links between core devices, critical business services can be kept running if one link is unavailable during a disaster.

Question No: 82 – (Topic 3)

During a check of the security control measures of the company network assets, a network administrator is explaining the difference between the security controls at the company.

Which of the following would be identified as physical security controls? (Select THREE).

A. RSA

B. Passwords

C. Man traps

D. Biometrics

E. Cipher locks

F. VLANs

G. 3DES

Answer: C,D,E

Explanation:

Physical security is the protection of personnel, hardware, programs, networks, and data from physical circumstances and events that could cause serious losses or damage to an enterprise, agency, or institution. This includes protection from fire, natural disasters, burglary, theft, vandalism, and terrorism.

C: A mantrap is a mechanical physical security device for catching poachers and trespassers. They have taken many forms, the most usual being like a large foothold trap, the steel springs being armed with teeth which met in the victim's leg.

D: Biometric authentication is a type of system that relies on the unique biological characteristics of individuals to verify identity for secure access to electronic systems. Biometric authentication is a physical security device.

E: Cipher locks are used to control access to areas such as airport control towers, computer rooms, corporate offices, embassies, areas within financial institutions, research and development laboratories, and storage areas holding weapons, controlled substances, etc. Cipher locks are physical security devices.

Question No: 83 – (Topic 3)

A network technician has set up an FTP server for the company to distribute software updates for their products. Each vendor is provided with a unique username and password for security. Several vendors have discovered a virus in one of the security updates. The company tested all files before uploading them but retested the file and found the virus.

Which of the following could the technician do for vendors to validate the proper security patch?

A. Use TFTP for tested and secure downloads

B. Require biometric authentication for patch updates

C. Provide an MD5 hash for each file

D. Implement a RADIUS authentication

Answer: C

Explanation:

If we provide an MD5 hash for each file, we can see whether the file has been changed or not.

MD5 is an algorithm that is used to verify data integrity through the creation of a 128-bit message digest from data input (which may be a message of any length) that is claimed to be as unique to that specific data as a fingerprint is to the specific individual.

Question No: 84 – (Topic 3)

A company has seen an increase in ransomware across the enterprise. Which of the following should be implemented to reduce the occurrences?

A. ARP inspection

B. Intrusion detection system

C. Web content filtering

D. Port filtering

Answer: C

Explanation:

Ransomware is a type of malware which restricts access to the computer system that it infects, and demands a ransom paid to the creator(s) of the malware in order for the restriction to be removed.

The best ways to avoid ransomware include proactive measures like the following:

Don’t click on any URL or open an attachment you are not expecting.

Implement an email content filtering service.

Install a web content filtering service.

Invest in leading endpoint security software solutions.

Question No: 85 – (Topic 3)

Which of the following technologies is designed to keep systems uptime running in the event of a disaster?

A. High availability

B. Load balancing

C. Quality of service

D. Caching engines

Answer: A

Explanation:

If a network switch or router stops operating correctly (meaning that a network fault occurs), communication through the network could be disrupted, resulting in a network becoming unavailable to its users. Therefore, network availability, called uptime, is a major design consideration.

Question No: 86 – (Topic 3)

Which of the following describes a smurf attack?

A. Attack on a target using spoofed ICMP packets to flood it

B. Intercepting traffic intended for a target and redirecting it to another

C. Spoofed VLAN tags used to bypass authentication

D. Forging tags to bypass QoS policies in order to steal bandwidth

Answer: A

Explanation:

The Smurf Attack is a distributed denial-of-service attack in which large numbers of Internet Control Message Protocol (ICMP) packets with the intended victim's spoofed source IP are broadcast to a computer network using an IP Broadcast address.

Most devices on a network will, by default, respond to this by sending a reply to the source IP address. If the number of machines on the network that receive and respond to these packets is very large, the victim's computer will be flooded with traffic. This can slow down the victim's computer to the point where it becomes impossible to work on.

Question No: 87 – (Topic 3)

Ann, a network technician, was asked to remove a virus. Issues were found several levels deep within the directory structure. To ensure the virus has not infected the .mp4 files in the directory, she views one of the files and believes it contains illegal material. Which of the following forensics actions should Ann perform?

A. Erase the files created by the virus

B. Stop and escalate to the proper authorities

C. Check the remaining directories for more .mp4 files

D. Copy the information to a network drive to preserve the evidence

Answer: B

Explanation:

Computer forensics is about legal evidence found in computers and digital storage. A plan should include first responders securing the area and then escalating to senior management and authorities when required by policy or law.

Question No: 88 – (Topic 3)

Which of the following concepts are MOST important for a company's long term health in the event of a disaster? (Select TWO).

A. Redundancy

B. Implementing acceptable use policy

C. Offsite backups

D. Uninterruptible power supplies

E. Vulnerability scanning

Answer: A,C

Explanation:

In case of disaster you must protect your data. Some of the most common strategies for data protection include:

backups made to tape and sent off-site at regular intervals

backups made to disk on-site and automatically copied to off-site disk, or made directly to off-site disk

the use of high availability systems which keep both the data and system replicated off-site (making the main site redundant), enabling continuous access to systems and data, even after a disaster.

Question No: 89 – (Topic 3)

A firewall ACL is configured as follows:

10. Deny Any Trust to Any DMZ eq to TCP port 22

11. Allow 10.200.0.0/16 to Any DMZ eq to Any

12. Allow 10.0.0.0/8 to Any DMZ eq to TCP ports 80, 443

13. Deny Any Trust to Any DMZ eq to Any

A technician notices that users in the 10.200.0.0/16 network are unable to SSH into servers in the DMZ. The company wants 10.200.0.0/16 to be able to use any protocol, but restrict the rest of the 10.0.0.0/8 subnet to web browsing only. Reordering the ACL in which of the following manners would meet the company's objectives?

A. 11, 10, 12, 13

B. 12, 10, 11, 13

C. 13, 10, 12, 11

D. 13, 12, 11, 10

Answer: A

Explanation:

ACLs are processed top-down in routers and switches. This means that when a condition in the ACL is met, all processing is stopped.

We start by allowing any protocol on the 10.200.0.0/16 subnet:

11. Allow 10.200.0.0/16 to Any DMZ eq to Any

We then deny any traffic on TCP port 22:

10. Deny Any Trust to Any DMZ eq to TCP port 22

We allow browsing (ports 80 and 443) on the 10.0.0.0/8 subnet:

12. Allow 10.0.0.0/8 to Any DMZ eq to TCP ports 80, 443

Finally we deny all other traffic:

13. Deny Any Trust to Any DMZ eq to Any

Question No: 90 – (Topic 3)

A technician needs to ensure that new systems are protected from electronic snooping of Radio Frequency emanations. Which of the following standards should be consulted?

A. DWDM

B. MIMO

C. TEMPEST

D. DOCSIS

Answer: C

Explanation:

Tempest was the name of a government project to study the ability to understand the data over a network by listening to the emanations. Tempest rooms are designed to keep emanations contained in that room to increase security of data communications happening there.